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Abstract. An important issue for temporal planners is the ability to 
handle temporal uncertainty. Recent papers have addressed the question 
of how to tell whether a temporal network is Dynamically Controllable, 
i.e., whether the temporal requirements are feasible in the light of uncer- 
tain durations of some processes. Previous work has presented an 0(N 5 ) 
algorithm for testing this property. Here, we introduce a new analysis of 
temporal' cycles that leads to an 0(N 4 ) algorithm. 


1 Introduction 

Many Constraint-Based Planning systems (e.g. [1]) use Simple Temporal Net- 
work's (STNs) to test the consistency of partial plans encountered during the 
search process. These systems produce flexible plans where every solution to the 
final Simple Temporal Network provides an acceptable schedule. The flexibility 
is useful because it provides scope to respond to unanticipated contingencies 
during execution, for example, where some activity takes longer than expected. 
However, since the uncertainty is not modelled, there is no guarantee- that the 
flexibility will be sufficient to manage a particular contingency. 

Many applications, however, involve a specific type of temporal uncertainty 
where the duration of certain processes or the timing of exogenous events is not 
under the control of the agent using the plan. In these cases, the values for the 
variables that are under the agent’s control may need to be chosen so that they do 
not constrain uncontrollable events whose outcomes are still in the future. This 
is the controllability problem. By formalizing this notion of temporal uncertainty, 
it is possible to provide guarantees about the sufficiency of the flexibility. 

In [2], several notions of controllability are defined, including Dynamic Con- 
trollability (DC). Roughly speaking, a network is dynamically controllable if 
there is a strategy for satisfying the constraints that depends only on knowing 
the outcomes of past uncontrollable events. 

In [3] an algorithm is presented that determines DC and runs in polyno- 
mial time under the assumption that the maximum size of links in the STN is 
bounded. Thus, the algorithm is pseudo-polynomial like arc-consistency, rather 
than being a strongly polynomial algorithm such as, for example, the Bellman- 
Ford algorithm [4] for determining consistency of a distance graph. What makes 



the latter algorithm strongly polynomial is the Bellman-Ford cutoff, which re- 
stricts the number of iterations based on the number of nodes in the network. 
The first strongly polynomial algorithm for DC is presented in [5]. This intro- 
duces an algorithm with an 0(N 3 ) inner-loop and an outer loop with an 0(N 2 ) 
cutoff. Thus, the entire algorithm runs in 0(N 5 ) time. The paper also simplifies 
the mathematical formulation of the reduction rules. 

In this paper, we further simplify the mathematical formulation and intro- 
duce a structural characterization of DC in terms of the absence of a particular 
type of negative cycle. This is analogous to the result characterizing consistency 
of ordinary STNs in terms of the absence of negative cycles in the distance graph. 
This leads to a reformulated algorithm for DC with an 0(N 3 ) inner-loop and an 
0(N) cutoff for the outer loop. Thus, the entire algorithm runs in 0(N 4 ) time. 

2 Background 

This background section defines the types of controllability, and outlines the 
previous DC algorithms, essentially following [3,5]. 

A Simple Temporal Network (STN) [6] is a graph in which the edges are 
annotated with upper and lower numerical bounds. The nodes in the graph rep- 
resent temporal events or timepoints, while the edges correspond to constraints 
on the durations between the events. Each STN is associated with a distance 
graph derived from the upper and lower bound constraints. An STN is consis- 
tent if and only if the distance graph does not contain a negative cycle. This 
can be determined by a single-source shortest path propagation such as in the 
Bellman-Ford algorithm [4] (faster than Floyd- Warshall for sparse graphs, which 
are common in practical problems). To avoid confusion with edges in the distance 
graph, we will refer to edges in the STN as links. 

A Simple Temporal Network With Uncertainty (STNU) is similar to an STN 
except the links are divided into two classes, requirement links and contingent 
links. Requirement links are temporal constraints that the agent must satisfy, 
like the links in an ordinary STN. Contingent links may be thought of as repre- 
senting causal processes of uncertain duration, or periods from a reference time 
to exogenous events; their finish timepoints, called contingent timepoints, are 
controlled by Nature, subject to the limits imposed by the bounds on the con- 
tingent links. All other timepoints, called executable timepoints , are controlled 
by the agent, whose goal is to satisfy the bounds on the requirement links. We 
assume the durations of contingent links vary independently, so a control proce- 
dure must consider every combination of such durations. Each contingent link is 
required to have positive (finite) upper and lower bounds, with the lower bound 
strictly less than the upper. Without loss of generality, we assume contingent 
links do not share finish points. (If desired, they can be constrained to simul- 
taneity by [0, 0] requirement links. It is also known that networks with coincident 
contingent finishing points cannot be DC.) 

Choosing one of the allowed durations for each contingent link may be 
thought of as reducing the STNU to an ordinary STN. Thus, an STNU deter- 



mines a family of STNs corresponding to the different allowed durations; these 
are called projections of the STNU. 

Given an STNU with N as the set of nodes, a schedule T is a mapping 

where T(x) is called the time of timepoint x. A schedule is consistent if it satisfies 
all the link constraints. The prehistory of a timepoint x with respect to a schedule 
T, denoted by T{-< a:}, specifies the durations of all contingent links that finish 
prior to x. 

An execution strategy S is a mapping 

S :V -*T 

where V is the set of projections and T is the set of schedules. An execution 
strategy S is viable if S(p), henceforth written S p , is consistent with p for each 
projection p. 

We are now ready to define the various types of controllability, following [7]. 
An STNU is Weakly Controllable if there is a viable execution strategy. This 
is equivalent to saying that every projection is consistent. 

An STNU is Strongly Controllable if there is a viable execution strategy S 
such that 

Spl(x) = Sp2{x) 

for each executable timepoint x and projections pi and p2. In Strong Controlla- 
bility, a “conformant” strategy (i.e., a fixed assignment of times to the executable 
timepoints) works for all the projections. 

An STNU is Dynamically Controllable if there is a viable execution strategy 
S such that 

= ‘r}' Sp\ (x^ = Sp2^X ) 

for each executable timepoint x and projections pi and p2. Thus, a Dynamic 
execution strategy assigns a time to each executable timepoint that may depend 
on the outcomes of contingent links in the past, but not on those in the fu- 
ture (or present). This corresponds to requiring that only information available 
from observation may be used in determining the schedule. We will use dynamic 
strategy in the following for a (viable) Dynamic execution strategy. 

It is easy to see from the definitions that Strong Controllability implies Dy- 
namic Controllability, which in turn implies Weak Controllability. In this paper, 
we are primarily concerned with Dynamic Controllability. 


2.1 Previous Algorithms 

It was shown in [3] that determining Dynamic Controllability is tractable, and 
an algorithm was presented that ran in pseudo-polynomial time. We will refer 
to this as the classic algorithm. 

The classic algorithm involves repeated checking of a special consistency 
property called pseudo-controllability. An STNU is pseudo-controllable if it is 



consistent in the STN sense and none of the contingent links are squeezed, where 
a contingent link is squeezed if the other constraints imply a strictly tighter lower 
bound or upper bound for the link. The pseudo-controllability property is tested 
by computing the AllPairs Shortest Path graph using Johnson’s Algorithm [4]. 
If the network passes the test, the algorithm then analyzes triangles of links and 
possibly tightens some constraints in a way that has been shown not to change 
the status of the network as DC or non-DC, but makes explicit all limitations 
to the execution strategies due to the presence of contingent links. 

Some of the tightenings involved a novel temporal constraint called a wait. 
Given a contingent link AB and another -link- AC; the <B, t> annotation on 
AC indicates that execution of the timepoint C is not allowed to proceed until 
after either B has occurred or t units of time have elapsed since A occurred. 
Thus, a wait is a ternary constraint involving A, B, and C. It may be viewed as 
a lower bound of t on AC that is interruptible by B. Note that the annotation 
resembles a binary constraint on AC. 

In order to describe the tightenings, the notation A B (or B A) 
indicates a contingent link with bounds [ x,y] between A and B. We use the 

similar notation of A B (or B A) for ordinary links. 

We can summarize the tightenings, called reductions, used in the classic al- 
gorithm as follows. 

(. Precedes Reduction ) If u > 0, y' — y — v, x' = x — u, 
ANJB^C adds A'^C 


( Unordered Reduction ) If u < 0, v > 0, y' — y - v, 
A^B^C adds A < M > C 

(Simple Regression) If y' = y — v, 

M A < B A> D 

( Contingent Regression) If y > 0, B ^ C, 
A< B 4 > C Md adds A <B 'iCT">D 


( “Unconditional” Reduction ) If u < x, 
bS^a'^c adds a'^’c 


( General Reduction) If u > x, 

B [ Ma < ^ > C adds A [ ^ ] C 

The tightenings involve new links that are added when the given pattern is 
satisfied unless tighter links already exist. The extensive motivation for these 
in [3] cannot be repeated here due to lack of space. However, some examples 
may help to give the basic idea. 



Examplel: A B C. Here we must schedule C exactly one time 
unit before B without knowing when B will occur. This requirement cannot be 
achieved in practical terms, although the network is initially consistent in the 
STN sense. The Precedes Reduction makes the inconsistency explicit. Contrast 

this with A =$ B C, where B can be observed before executing C, so no 
addition is needed. 

[ 1 , 2 ] [ 1 » 2 ] 

Example2: A ==? B C. Note that the CB constraint implies C precedes 
B. This means the agent must decide on a timing for C before information about 
the timing- of B-is available,- and must do it in. a way that . the CB constraint 
is satisfied no matter when B occurs. The only way to accomplish this given 
our ignorance of B is to constrain C relative to A in such a way that the CB 
constraint becomes redundant. The Precedes Reduction does this by constraining 
C to happen simultaneously with A. 

Example3: A B C. Here we cannot safely execute C before B 

until time 2 after A (otherwise if B occurs at 3, the [-1,1] constraint would be 
violated). After that we can execute C prior to B if we wish, because we know 
B will finish within one more time unit. Thus, we place a <B,2> constraint 
on AC. 


2.2 Labelled Distance Graph and Cutoff Algorithm 

We now review the developments in [5], which re-expresses the reductions in a 
more mathematically concise form. 

An ordinary STN has an alternative representation as a distance graph, in 

which a link A h-U B is replaced by two edges A -A-> B and A « — - B, where the 
y and — x annotations are called weights. Edges with a weight of co are omitted. 
The distance graph may be viewed as an STN in which there are only upper 
bounds. This allows shortest path methods to be used to determine consistency, 
since an STN is consistent if and only if the distance graph does not contain a 
cycle with negative total distance [6]. 

Similarly, there is an analogous alternative representation for an STNU called 
the labelled distance graph [5]. This is actually a multigraph (which allows multi- 
ple edges between two nodes), but we refer to it as a graph for simplicity. In the 

labelled distance graph, each requirement link A B is replaced by two edges 
A B and A B, just as in an STN. For a contingent link A B, we 
have the same two edges A B and A B, but we also have two additional 
edges of the form A B and A ?— - B. These are called labelled edges because 
of the additional “b:” and “B:” annotations indicating the contingent timepoint 
B with which they are associated. Note especially the reversal in the roles of x 

and y in the labelled edges. We refer to A <— ? B and A — > B as upper-case and 
lower-case edges, respectively. Observe that the upper-case labelled weight B:-y 
gives the value the edge would have in a projection where the contingent link 



takes on its maximum value, whereas the lower-case labelled weight corresponds 
to the contingent link minimum value. 

There is also a representation for a A — h* G wait constraint in the labelled 

B'—t 

distance graph. This corresponds to a single edge A ^ — C. Note the analogy to 
a lower bound. This weight is consistent with the lower bound that would occur 
in a projection where the contingent link has its maximum value. 

We can now represent the tightenings in terms of the labelled distance graph. 
The first four categories of tightening from the classic algorithm are replaced by 
what is essentially a single reduction with different flavors. These are: 

(Upper-Case Reduction) 

A^C^D adds A B: £± y) D 

(Lower-Case Reduction) If x < 0, 

A ♦ *- c 31 D adds Af^D 

(Cross-Case Reduction) If x < 0, B ^ C, 

A^C^D adds A B: £± y) D 

(No-Case Reduction) 

A C D adds A ^ D 

In place of the Unconditional and General Reductions, we will have a single 
reduction: 

(Label Removal Reduction) If z > -x, 

B<^A<^C adds A C 

It is shown in [5] that the new reductions are sanctioned by the old ones. For 
example, Upper- Case Reduction follows from a combination of Unordered 
Reduction and Simple Regression. 

We emphasize that the Cross-Case Reduction does not apply when the 
upper and lower labels come from the same contingent link. (This case violates 
the B ^ C precondition.) This restriction is crucial; otherwise, the upper-case 
and lower-case edges of any contingent link could self-interact, immediately pro- 
ducing an inconsistency. 

With this reformulation, the “Case” (first four) reductions can all be seen 
as forms of composition of edges, with the labels being used to modulate when 
those compositions are allowed to occur. In light of this, the reduced distance of a 
path in the labelled distance graph is defined to be the sum of edge weights in the 
path, ignoring any labels. Thus, the reductions preserve the reduced distance. 

The approach in [5] also modifies the test that is applied before each iter- 
ation. Instead of testing for the complex property of pseudo-controllability, it 
checks for ordinary consistency of the AllMax projection, which is defined to 
be the projection where all the contingent links take on their maximum values. 



(Similarly, the AllMin projection is where all the contingent links take on their 
minimum values.) Observe that the distance graph of the AllMax projection can 
be obtained from the labelled distance graph by (1) deleting all lower-case edges, 
and (2) removing the labels from all upper-case edges. 

Suppose we now take the classic algorithm for Dynamic Controllability, and 
modify it by replacing the old reductions/regressions with the new, and replacing 
the pseudo-controllability test with the AllMax consistency test. This modified 
algorithm correctly determines DC, and furthermore, if the network is DC, qui- 
escence is reached after at most 0(N 2 ) iterations of the outer loop [5]. Thus, 
the~ algorithm can be -halted at this cutoff bound; We will refer to this as the 
Quadratic-Cutoff algorithm. 

The algorithm can be summarized as follows. 

Boolean procedure determineDCO 
loop from 1 to Cutoff Bound do 
if AllMax projection inconsistent 
return false; 

Perform applicable Reductions; 
if no reductions were applicable 
return true; 
end loop; 
return false; 
end procedure 

The overall algorithm runs in 0(N 5 ) time. (A more precise 0(N 3 K 2 ) bound 
is given [5] in terms of if, the number of contingent links. Note that K < N 
since the end-points of contingent links are restricted to be distinct.) 

2.3 Implicit Precondition 

We point out that the Precedes reduction should have an additional precondition, 
B^C, but this is not explicitly stated in [5]. (It should be noted that the results 
there are not affected by this issue.) The original derivation [3] of the Precedes 
reduction is in terms of a triangular network, which assumes three distinct nodes. 
We further point out that this B ^ C precondition is essential. It can easily be 

seen, for example, that the network A ==$ B B has a dynamic strategy (just 
execute A at time 0), and hence is DC. However, without the precondition, an 
application of the Precedes reduction would produce an inconsistency. Similarly, 
in the Lower-Case reduction (which is derived from the Precedes reduction), 
there should be an additional A ^ C precondition. 

Instead of adding this precondition explicitly, we will make a different mod- 
ification to the Dynamic Controllability formulation that makes it unnecessary. 
Recall that a dynamic strategy may depend on the past, but’ not on the future 
or present. We change this so that it may depend on the past or present. This 
essentially assumes that observations can be acted upon instantaneously instead 
of requiring an infinitesimal amount of time. This change is NOT essential to 



the results in this paper; they could be derived without it. However, the math- 
ematics works out more cleanly with the change. It is also more consistent with 
the approach used in the dispatchability [8] work. 

The effect of this change is that the Lower-Case and Cross- Case reduc- 
tions must be modified to read as follows (note the x < 0 is changed to x < 0): 

(Lower-Case Reduction) If x < 0, 

A <-L- C D adds A£^D 

(Cross-Case Reduction) lft<0, B C, 
a b 2Lc< LL D adds A B: £± y) D 

We will assume in the remainder of this paper that the Lower-Case and 
Cross-Case reductions have been modified in this way. The Upper-Case and 
No-Case reductions do not require modification. 

3 Structural Characterization 

We now proceed to introduce a new analysis of Dynamic Controllability that 
leads to a faster algorithm. 


3.1 Normal Form STNU 

In this subsection, we introduce a new way of simplifying the STNU formulation. 
First, we recall that in the definition of an STNU [3], the bounds on a contingent 

link A^^B are required to satisfy 0 < x < y < oo. An analysis of the proof of 
correctness in [3] shows that the strict 0 < x inequality was only needed because 
of a weakness of the pseudo- controllability test in detecting a deadlock involving 
a cycle of waits, and the resulting use of the General Reduction for this purpose. 
In [5], the pseudo-controllability test is replaced by a test of the consistency of 
the AllMax projection. This can detect a cycle of waits even when contingent 
links are allowed to have lower bounds of zero. Thus, we can relax the contingent 
link bound requirement to 0 < x < y < oo. 

This provides an opportunity to recognize that we can restrict our attention 
to a simpler subclass of STNUs without loss of generality. We will say an STNU is 
in normal form if the lower bound of every contingent link is zero. Now consider 

a general STNU j T and any contingent link A^i^B in F where x > 0. Suppose 
we create a new STNU F' where the A=^B contingent link is replaced by 

A Lid C A=> B, where C is a new controllable timepoint. It is not difficult 
to see that any dynamic strategy for F can be easily mapped into a dynamic 
strategy for F' (just execute C at x units after A) and vice versa (just drop C). 
Thus, r is DC if and only if F' is DC. The replacement process can be repeated 
until every contingent link with a non-zero lower-bound has been eliminated. 
Thus, for any STNU, there is a normal form STNU that is equivalent in terms 



of the existence of a dynamic strategy. We will assume in our subsequent analysis 
that the STNUs are in normal form. 

Note that the Label Removal reduction assumes a simpler form in a normal 
form STNU as follows. (This facilitates our subsequent proofs.) 

(Label Removal) If z > 0, 

A^-C adds A C 

It is also worth commenting that with the normal form assumption,, the c:x 
notation could be - “recycled” to mean a c:0 edge followed by a path of ordi- 
nary edges of length x. This would allow the Lower-Case and Cross-Case 
reductions to be rewritten as follows. 

(Lower-Case Composition) 

A<-L_c£^D adds A c: £±- y) D 


(Lower Label Removal) If 2 < 0, 
A C adds A C 


(Cross-Case Composition) If B ^ C, 


A^-C^-D adds 


( a B: H y) D if [x 
{A c t±- y) D if (x 


+ y) 
+ y) 


<0 
> 0 


We will not pursue this notation change here, but noting the underlying 
symmetry between lower-case and upper-case labels (modulo a sign change) will 
be helpful for understanding the section on execution later in the paper. 


3.2 Path Transformations 

An ordinary STN is consistent if and only if its distance graph does not contain 
a negative cycle. It is tempting to suppose that Dynamic Controllability might 
be characterized by the absence of cycles of negative reduced distance in the 
labelled distance graph. However, this is not true in general. For example, the 

STNU consisting of the single contingent link A=4 b is DC, but its distance 
graph contains the cycle A B A, which has negative reduced distance. 
Nevertheless, as we will see, there is indeed a characterization of DC in terms 
of negative cycles, but it involves a subclass of such cycles. In order to describe 
this, we require additional concepts involving a notion of path transformation. 

Consider a path V that contains a subpath Q between two points A and 
B and suppose Q matches the left side of a reduction. Note that applying the 
reduction to Q yields a new edge e between A to B. Now consider the path V 
obtained from V by replacing Q by e. For convenience, we will abuse language 
slightly and say V is transformed into V by the reduction. (The original path 
V is of course still in the network.) Note that V has the same reduced distance 
as V since the reductions preserve reduced distance. 



Armed with this linguistic device, we can define some useful concepts of 
reducibility of paths. First, a path is reducible if it can be transformed into a 
single edge by a sequence of reductions. 

However, a slightly weaker property is more useful for characterizing Dynamic 
Controllability. Recall that tests of the consistency of the AllMax projection are 
used to filter non-DC networks in the Quadratic Cutoff algorithm. Note also 
that the AllMax projection includes edge weights derived from both ordinary 
edges and upper-case edges, but not from lower-case edges. We may view the 
reductions as gradually tightening the network by transforming reduced distance 
iir theTabelleddistance graph into ordinary- distance in the AllMax- projection; 
The significant events in this process are the transformations of paths with lower- 
case edges into paths without lower-case edges. This leads us to define a path 
as being semi-reducible if it can be transformed into a path without lower-case 
edges by a sequence of reductions. This gives rise to the following theorem. (To 
simplify its statement, we will informally say an STNU has a negative cycle if its 
labelled distance graph contains a cyclic path with negative reduced distance.) 

Theorem 1. An STNU is Dynamically Controllable if and only if it does not 
have a semi-reducible negative cycle. 

Proof. If an STNU is not DC, then there is some sequence of reductions that 
produces a negative cycle in the AllMax projection, i.e., a lower-case-free neg- 
ative cycle in the labelled distance graph. If we now unwind that sequence of 
reductions (applying the reverse transformations to the negative cycle) , we arrive 
at a preimage or precursor cycle in the original labelled distance graph. Since 
the reductions preserve reduced distance, this is also negative, and clearly it is 
semi-reducible. 

Conversely, if there is a semi-reducible negative cycle, then clearly there is a 
sequence of reductions that produces an inconsistency in the AllMax projection. 
Thus, the STNU is not DC. □ 

Observe that the cycle A B A in our earlier example is not semi- 
reducible since no reductions are applicable. (The CROSS- Case reduction does 
not apply since the b and B labels are from the same contingent link.) 

We now look for ways of identifying semi-reducible paths. The following 
notation will be useful. Consider a specific path V in the labelled distance 
graph of an STNU. We will write e < e' in V if e is an earlier edge than el in 
V . If A and B are nodes in the path, we will write Dp(A, B) for the reduced 
distance from A to B in V . We denote the start and end nodes of an edge e by 
start(e) and end(e), respectively. 

Now suppose e is a lower-case edge in V . Let e' be some other edge such that 
e < e' in V ■ We will say'e' is a drop edge for e in V if Vp (end (e), end (e')) < 0. 
We further say e' is a moat edge for e in V if it is a drop edge and there is no 
other drop edge e" such that e" < e' in V ). (Thus, a moat edge is a closest drop 
edge. The metaphor is of a moat in front of a castle.) Note that a lower-case edge 
can never be a moat edge since it is non-negative. We will also call the subpath 
of V from end(e) to end(e') the extension of e in V . 



The extension subpath turns out to have a very useful property. We will say 
a path V has the prefix/postfix property if every nonempty proper prefix of V 
has non-negative reduced distance and every nonempty proper postfix of V has 
negative reduced distance. We will also refer to such a path as a prefix/postfix 
path. Observe that the extension subpath of a lower-case edge always has the 
prefix/ postfix property. (Otherwise there would be a closer drop edge than the 
moat edge.) The following lemma will be useful. 

Lemma 1 (Nesting Lemma). If two prefix/postfix paths have a non-empty 
intersection, -then one. of the. paths is contained, in the -other.. ... 

Proof. The intersection subpath is a postfix of one path and a prefix of the other. 
It cannot be proper in both cases; otherwise it would be both non-negative and 
negative, which is a contradiction. Thus, it must be equal to one of the paths, 
which must then be a subpath of the other. □ 

The significance of an extension subpath, as we will see, is that it can even- 
tually be used to “reduce away” the lower-case edge from the path. However, 
there is an exceptional case where we will show this cannot occur. Suppose e is 
a lower-case edge in a path and e' is a moat edge for e. We will say e! is unusable 
if e' and e come from the same contingent link. This prepares the way for the 
following fundamental theorem. 

Theorem 2. A path V is semi-reducible if and only if every lower-case edge 
in V has a usable moat edge in V . 

Proof. First, suppose V is semi-reducible. Let e be any lower-case edge in V . 
Then there must be some sequence of transformations on V that eliminates e, 
i.e., e must eventually participate in a lower-case or cross-case reduction with 
some negative edge e' that is derived by a sequence of transformations on V . 
If we unwind this sequence, we can identify a precursor subpath Q of V 
that will eventually be transformed to e' . Let e" be the final edge of Q . Since 
the reductions preserve reduced distance, it follows that XV(end(e),end(e")) = 
2?-p(end(e),end(e')) < 0. Thus, e" is a drop edge for e and hence e must have a 
moat edge e'" . 

Next, suppose the moat edge is not usable, i.e., e!" is the upper-case edge 
that comes from the same contingent link as e. Note that every postfix of the 
extension (proper or non-proper) of e is negative. It is not hard to see that this 
rules out any “clearing” of the upper-case label from Q via the label removal 
reduction. This implies e' will also have that label. But this prevents application 
of the cross-case reduction to eliminate e, which is a contradiction. It follows 
that every lower-case edge in V has a usable moat edge. 

Conversely, suppose that every lower-case edge in V has a usable moat edge 
in V ■ Consider the extension subpaths corresponding to all the lower-case edges 
in V . By the Nesting Lemma, these are either nested or disjoint, i.e., they fall 
into nested groups. We will say an extension is innermost if it is not contained in 
another extension. It is enough to show that we can transform V to eliminate 
the lower-case edges of the innermost extensions; the result will then follow by 



induction since the other extensions will become innermost after the lower-case 
edges of the extensions nested within them have been eliminated. 

Now consider any innermost extension Q of a lower-case edge e. Since all 
the proper prefixes of Q are non-negative, it follows that any upper-case labels 
in the interior of Q can be “cleared” by applying no-case, upper-case and label 
removal reductions in a leffc-to-right manner. The only possible upper-case edge 
remaining will be the moat edge e'. Since this is usable, either e' is an ordinary 
edge, or e! is an upper-case edge from a different contingent link than e. Thus, Q 
will eventually reduce to an e" that is either an ordinary edge or an upper-case 
edge from a~ different contingent link than e. Since Q has negative reduced- 
distance, the e" can participate in a reduction that eliminates e. □ 

We can make two important observations from the converse part of the proof 
of theorem 2. First, by the nesting lemma, the lower-case edge and moat edge 
pairs, which fall into nested groups, form a layering of a semi-reducible path. 
Since the lower-case edges and moat edges behave like left and right parentheses, 
we call this the parenthesization of the path. The second observation is that there 
is a standard way of performing the transformations, using the parenthesization, 
that is guaranteed to eliminate the lower-case edges from a semi-reducible path. 
We call this the canonical elimination. 


3.3 Complexity of Negative Cycles 

Our next task is to analyze the complexity of semi-reducible negative cycles. In 
the case of an ordinary STN, if it has any negative cycle, then it must have a 
simple (without any repetitions) negative cycle. This allows the Bellman-Ford 
algorithm to limit the extent of its propagation. Unfortunately, a similar result 
does not hold for semi-reducible negative cycles in an STNU. The problem is 
that (if it is non-simple) there is no guarantee that one of its component cycles 
will also be both negative and semi-reducible, as seen in the following example. 
The compound cycle 

B B —2 A B -4 D > 3 C 42* D -4 B — ? A 42* B -4* E -4. B , 

which is semi-reducible and negative, can be broken into two component cycles 
B B -^ A 42* B -4 D C D -4 B and B B —3 A-^b4e4b. 
However, the first is negative but not semi-reducible, while the second is semi- 
reducible but not negative. (Note that the CD edge in the first cycle has its moat 
edge BE in the second cycle.) 

The good news is that there are nevertheless some simplifications that we 
can apply to a semi-reducible negative cycle, and they do lead to a faster DC 
checking algorithm. We require some additional concepts. First, given a lower- 
case edge e in a semi-reducible path, we will say e has a breach if its extension 
contains the upper-case edge from the same contingent link as e. Second, suppose 
a lower-case edge e repeats in a semi-reducible path. By the nesting lemma, the 
extensions from the two occurrences of e must be either nested or disjoint. We 



will say a repetition is flat if the two extensions are disjoint. (In the example, 
the repetition of BA is flat.) We have the following result. 

Theorem 3. If an STNU has any semi-reducible negative cycle, then it has a 
breach-free semi- reducible negative cycle in which all the repetitions are flat. 

Proof. First, we will show that breaches can be eliminated. Consider any outer- 
most extension £ associated with a lower-case edge e and its moat edge e' and 
suppose it has a breach edge e". Then e" ^ e' . (Otherwise the moat edge would 
not be usable.) Thus, 2>p(end(e),end(e")) > 0 by the prefix/postfix property, 
and so £>'p(start(e), end(e")J > 0. Since e and e" are the lower-case and upper- 
case edges of the same contingent link, start(e)=end(e"). Now observe that if we 
tighten the cycle by deleting the portion between start(e) and end(e"), we will 
not affect the moat edges of any remaining lower-case edges. (Since £ does not 
lie inside any other extension.) 

Now suppose by induction that we have eliminated breaches in all extensions 
that contain a given extension Q . We can apply the same breach elimination 
process as before. This may tighten some extension £ containing Q such 
that the former moat edge for £ is no longer the closest drop edge. However, 
since £ has no breaches, the new moat edge will still be usable. Thus, we can 
eliminate the breach from Q ,. while preserving the property that every lower- 
case edge has a usable moat edge. By induction, we can eliminate all breaches 
while preserving this property. This leads to a new tighter (thus, still negative) 
cycle, in which every lower-case edge still has a usable moat edge. Thus, it is still 
semi-reducible by theorem 2. 

Next suppose we have a breach-free semi-reducible negative cycle V , and 
consider a repetition that is not flat, i.e., we have occurrences of lower-case edges 
ei and e 2 with associated extensions £\ and £ 2 , respectively, such that £\ contains 
£ 2 , and ei = e 2 . By the prefix /postfix property, £>p(start(ei),start(e 2 )) > 0. In 
this case, we can tighten the cycle by deleting the subpath between start(ei) 
and start(e 2 ). Since the cycle is breach-free, every lower-case edge will still have 
a usable moat edge (by a similar argument as previously). Thus, the cycle will 
still be semi-reducible. □ 

The significance of theorem 3 is that if the repetitions are all flat, then the 
depth of nesting of the extensions cannot be greater than K , where K is the 
number of contingent links. We now fashion a DC checking algorithm that takes 
advantage of this. The idea is that each iteration of a propagation phase will 
decrement the depth of nesting by eliminating the innermost extensions. Thus, 
at most K iterations will be required to detect some semi-reducible negative cycle 
if an STNU is not DC. The propagation phase essentially simulates the canonical 
elimination mentioned earlier: we propagate forward from each lower-case edge 
over breach-free and lower-case-free paths looking for moat edges. For each one 
we find, we add a new edge corresponding to the reduction of the extension to 
a single edge. 

The algorithm can be summarized as follows. 

Boolean procedure f ast DC check () 



loop from 1 to K do 
if AllMax projection inconsistent 
return false; 

loop for each lower-case edge e do 

Propagate forward from end(e) over allowed paths 
loop for each moat edge e’ found do 

add reduced edge from start (e) to endfe’) 
end loop; 
end loop; 
end - loop; - 
return true; 
end procedure 

We now estimate the complexity of this algorithm. For this, we let N be the 
number of nodes, E be the number of edges, and K be the number of contingent 
links. First, we observe that we need onfy propagate over the shortest paths 
among the allowed paths. (The only consequence will be possible earlier discovery 
of tighter reduced edges.) Second, a Bellman-Ford propagation that determines 
consistency of the AllMax projection can be used to provide a potential function 
as in Johnson’s algorithm [4]. Thus, the shortest path propagations from the 
lower-case edges can use the O(NlogN) Dijkstra algorithm. The overall cost 
of the algorithm is then 0(K(EN + K(NlogN))) = 0(KBN + K 2 NlogN). 
At most KN edges are added during the course of the algorithm. Thus, E is 
bounded by Eq + NK, where Eq is the original number of edges. This gives an 
overall estimate of O(KE 0 N+K 2 N 2 +K 2 NlogN) = O(KE 0 N+K 2 N 2 ). Using 
K < N and Eo < N 2 , we can simplify that to 0(N i ), which compares favorably 
with the previous 0(N 5 ) algorithm. 

4 Execution 

It should be pointed out that fastDCcheck merely determines the status of an 
STNU. It does not provide a network suitable for the execution algorithm de- 
scribed in [3]. However, once DC has been confirmed, it is an easier matter to 
prepare the network for execution. Due to space limitations, we can only outline 
the approach without providing detailed proofs. 

Successful execution requires that no contingent link bounds are squeezed due 
to propagation when a timepoint is executed or a contingent link finishes. To 
ensure that contingent link upper-bounds are not squeezed, we see from [3] that 
the key requirement is that waits need to be regressed along both ordinary and 
lower-case edges as far as they will go. This means that a regress Waits algorithm 
analogous to fastDCcheck that works backwards from upper-case edges (instead 
of forwards from lower-case edges) using Upper and Cross Case reductions, adds 
new edges via Label Removal (instead of Lower or Cross Case reductions), and 
uses an AllMin (instead of AllMax) propagation to construct the potential func- 
tion, can be used to regress the waits. An argument that is symmetrically similar 



to the drop/moat edge analysis can be used to show that quiescence is reached 
within K iterations. 

Once the waits have been regressed, we need to ensure that contingent link 
lower-bounds are also not squeezed. For this, we observe that propagations dur- 
ing execution are only along ordinary edges. (The waits merely introduce delays.) 
Thus, we need to ensure that paths that begin with lower-case edges and con- 
tinue with ordinary edges are transformed to bypass the lower-case edges via the 
Lower Case reduction. This can be achieved by applying a modified fastDCcheck 
algorithm where the “allowed” paths are restricted to ordinary edges. With that 
restriction,- the proof methods of this paper can be adapted to show that quies- 
cence is reached within K iterations. It can also be shown that the edges added 
in this step will not disturb the quiescence of the wait regression. 

Both of these post-processing steps run in similar time to fastDCcheck. Thus, 
"the combined algorithm is still 0(N 4 ). 

5 Conclusion 

We have reformulated Dynamic Controllability testing in a way that provides 
mathematically simpler operations, and used that to obtain a 0(N 4 ) algorithm 
with a linear cutoff. Previously, only an 0(N 5 ) was known. 
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